2341 matches found
ArticleCMS Code Issue Vulnerability
ArticleCMS is a multifaceted information website application built on Bootstrap and ThinkPHP. ArticleCMS has a file upload vulnerability: because there is no restriction on uploading files, an attacker can obtain a shell by uploading a file...
ArticleCMS Code Issue Vulnerability
ArticleCMS is a multifaceted information website application built on Bootstrap and ThinkPHP. A security vulnerability exists in ArticleCMS version 1.0. The vulnerability stems from a file upload vulnerability in the program, which could allow a remote malicious user to execute arbitra...
Sifchain: Vulnerable javascript dependency at Main domain
Hello. Issue detail: Burp observed 1 outdated JavaScript library with 4 known vulnerabilities. Burp detected bootstrap version 4.0.0, which has the following vulnerabilities: CVE-2019-8331: XSS in data-template, data-content and data-title properties of tooltip/popover; CVE-2018-14041: XSS in...
Cross-site scripting in bootstrap-select
Overview: bootstrap-select before 1.13.6 allows Cross-Site Scripting (XSS). It does not escape title values in OPTION elements. This may allow attackers to execute arbitrary JavaScript in a victim's browser. Recommendation: Upgrade to version 1.13.6 or later. References: CVE, GitHub Advisory...
@0negativ/hawtio-integration (>=4.13.7-rc4 <=4.13.7-rc5), @archey347/uf_blog (=0.0.0) +383 more potentially affected by CVE-2019-20921 via bootstrap-select (>=1.10.0 <=1.13.5)
bootstrap-select NPM version =1.10.0, =4.13.7-rc4, =1.31.0, =1.13.0, =1.0.9, =2.0.0, =0.1.0, =1.0.0, =2.0.0, =2.2.0, =0.0.4, =2.0.0, =2.0.31 and more Source cves: CVE-2019-20921 Source advisory: OSV:GHSA-7C82-MP33-R854...
GHSA-7C82-MP33-R854 Cross-site scripting in bootstrap-select
bootstrap-select before 1.13.6 allows Cross-Site Scripting (XSS). It does not escape title values in OPTION elements. This may allow attackers to execute arbitrary JavaScript in a victim's browser...
Cross-site scripting in bootstrap-select
bootstrap-select before 1.13.6 allows Cross-Site Scripting (XSS). It does not escape title values in OPTION elements. This may allow attackers to execute arbitrary JavaScript in a victim's browser...
GHSA-P48W-VF3C-RQJX Cross-Site Scripting in Bootstrap Package
Problem: It has been discovered that rendering content in the website frontend is vulnerable to cross-site scripting. A valid backend user account is needed to exploit this vulnerability. The following templates are affected by the vulnerability:...
Cross-Site Scripting in Bootstrap Package
Problem: It has been discovered that rendering content in the website frontend is vulnerable to cross-site scripting. A valid backend user account is needed to exploit this vulnerability. The following templates are affected by the vulnerability:...
CVE-2021-21365
Bootstrap Package is a theme for TYPO3. It has been discovered that rendering content in the website frontend is vulnerable to cross-site scripting. A valid backend user account is needed to exploit this vulnerability. Users of the extension, who have overwritten the affected templates with custo...
Cross site scripting
Bootstrap Package is a theme for TYPO3. It has been discovered that rendering content in the website frontend is vulnerable to cross-site scripting. A valid backend user account is needed to exploit this vulnerability. Users of the extension, who have overwritten the affected templates with custo...
CVE-2021-21365 Cross-Site Scripting in Content Rendering
Bootstrap Package is a theme for TYPO3. It has been discovered that rendering content in the website frontend is vulnerable to cross-site scripting. A valid backend user account is needed to exploit this vulnerability. Users of the extension, who have overwritten the affected templates with custo...
CVE-2021-21365
CVE-2021-21365 affects the Bootstrap Package for TYPO3. The vulnerability is a cross-site scripting issue in frontend rendering that requires a valid backend user to exploit. It can affect users who overwrote affected templates with custom code. The fixed versions are 7.1.2, 8.0.8, 9.1.4, 10.0.10...
Bootstrap Cross-Site Scripting Vulnerability
Bootstrap is an open source web front-end framework developed using HTML, CSS and JavaScript. A cross-site scripting vulnerability exists in Bootstrap Package, which stems from insufficient sanitization of user-supplied data. The following products and versions are affected: Bootstrap Packag...
Cross-Site Scripting in extension "Bootstrap Package" (bootstrap_package)
The extension fails to properly encode user input for output in HTML context. The following templates are affected by the vulnerability:...
PT-2021-14447 · Typo3 · Bootstrap Package
Name of the Vulnerable Software and Affected Versions: Bootstrap Package versions 7.1.2, 8.0.8, 9.1.4, 10.0.10 or 11.0.3 Description: The Bootstrap Package for TYPO3 has a cross-site scripting issue when rendering content in the website frontend. A valid backend user account is required to exploi...
H+ backend theme UI framework has file upload vulnerability
H+ Backend Theme UI Framework is a fully responsive, flat theme developed based on the latest version of Bootstrap 3.3.6. A file upload vulnerability exists in the H+ Backend Theme UI Framework, which can be exploited by an attacker to gain control of the server...
SUSE: Security Advisory (SUSE-SU-2015:0789-1)
The remote host is missing an update for the...
Security fix for the ALT Linux 10 package dotnet-bootstrap-5.0 version 5.0.5-alt1
April 17, 2021 Vitaly Lipatov 5.0.5-alt1 - .NET 5.0.5 and .NET SDK 5.0.202 - CVE-2021-26701: .NET Core Remote Code Execution Vulnerability...